Eurest is a premier provider of catering services for businesses, schools, and hospitals. As part of the Compass Group, the world’s largest contract food service company, Eurest operates in 45 countries, employing over 600,000 people and serving 5.5 billion meals annually. With a strong presence in both public and private sectors, Eurest relies on technology-driven solutions to manage its large-scale operations efficiently.
Executive Summary
Eurest, a global leader in contract catering services, required a robust cloud security framework to safeguard its vast network of restaurant and food service operations. Facing challenges in threat detection, compliance enforcement, and data protection, Eurest partnered with Magic Beans to implement a comprehensive AWS Managed Security Service Provider (MSSP) solution. By leveraging AWS Security Hub, GuardDuty, Inspector, Systems Manager, WAF, and KMS, Eurest achieved enhanced security visibility, proactive threat mitigation, and compliance adherence while ensuring seamless operations across its cloud infrastructure.
Customer Challenge
As Eurest expanded its cloud-based infrastructure to support global operations, it faced multiple security challenges:
- Lack of centralized security monitoring across AWS workloads, leading to gaps in threat detection.
- Need for real-time threat intelligence and response to prevent potential cyberattacks.
- Compliance enforcement with internal security policies and industry regulations.
- Data encryption and access control requirements to protect sensitive customer and financial information.
- Web application security risks, including protection against SQL injection and distributed denial-of-service (DDoS) attacks.
Without addressing these issues, Eurest faced risks such as data breaches, operational disruptions, and regulatory non-compliance, which could significantly impact business continuity and customer trust.
Partner Solution
To enhance Eurest’s cloud security posture, Magic Beans deployed the following AWS security services:
- AWS Security Hub – Provided centralized visibility into security alerts and compliance status across AWS accounts.
- Amazon GuardDuty – Enabled continuous monitoring for threats such as anomalous API calls and unauthorized access.
- AWS Inspector – Automated vulnerability management, identifying and prioritizing security risks.
- AWS Systems Manager – Simplified compliance enforcement through centralized patch management and logging.
- AWS Web Application Firewall (WAF) – Protected Eurest’s online services from common web exploits.
- AWS Key Management Service (KMS) – Secured sensitive data using AWS-managed encryption keys.
Managed Security Services Delivered
Magic Beans operates managed security services activities that integrates seamlessly with Eurest’s cloud environment.
Core MSSP Activities:
- Continuous Threat Monitoring: Review all findings from GuardDuty and Inspector with alerting.
- Incident Response & Escalation:
- Tier 1: Alerts triaged automatically using enrichment playbooks.
- Tier 2: Analyst validation, context enrichment, and investigation.
- Tier 3: Incident escalation to Eurest's IT team for joint remediation.
- Automated Remediation: GuardDuty alerts trigger predefined Lambda responses for immediate containment.
- Patch & Compliance Management: AWS Systems Manager enforces patch baselines and logs results.
- Security Advisory Services: Ongoing consulting to improve IAM policies, WAF rule sets, and encryption strategies.
Security Governance & Compliance
Magic Beans established a formal Security Governance Framework with the following components:
- Compliance Reporting: Automated dashboards detail alignment with Security Standards, PCI, and CIS benchmarks.
- Security Reviews: Strategic sessions with Eurest’s security leadership to track progress, adjust SLAs, and refine priorities.
- Change Control Procedures: All critical changes to WAF, IAM, and SSM patch baselines follow an approval workflow.
- KPI-Driven Risk Management: Security posture is measured and optimized across performance metrics tracked monthly
Architectural Design
Architecture Diagram
Results and Benefits
As a result of the Magic Beans Managed Security Services, Eurest was able to achieve:
- Improved Security Posture: Reduced security incidents through real-time monitoring and proactive threat detection.
- Faster Threat Response: Automated security alerts decreased response times, minimizing potential breaches.
- Enhanced Compliance: AWS Systems Manager and Security Hub streamlined compliance reporting, ensuring adherence to ISO 27001 and GDPR standards.
- Data Protection Assurance: AWS KMS encryption ensured sensitive customer and financial data remained secure.
- Web Application Security: AWS WAF blocked and prevented potential attacks.
Outcomes & Metrics
| Metric | Outcome |
| Mean Time to Detect (MTTD) | Reduced to 4 minutes through continuous GuardDuty and Security Hub monitoring |
| Mean Time to Respond (MTTR) | Achieved under 15 minutes for critical incidents |
| Vulnerability Remediation Time | Reduced by 65% using automated Inspector scans and Systems Manager patching |
| Compliance Coverage | Achieved 80% CIS compliance within the first 90 days |
| WAF Block Events | Blocked over 500 malicious requests/day, including botnet traffic and injection attempts |
| Audit Preparation Time | Reduced by 70% due to automated Security Hub and SSM compliance reports |
Ready to get started?
To learn more about how AWS and Magic Beans can help your business, contact us at team@magicbeans.pt
© Copyright - | magic beans | All Rights Reserved | Powered by: valkirias